DISASTER RECOVERY PLAN

This DeHealth Disaster recovery plan establishes procedures to recover following a disruption. The following objectives have been established for this plan:

  • Notification/Activation phase to detect and assess damage and to activate the plan;
  • Recovery phase to restore temporary IT operations and recover damage done to the original system;
  • Reconstitution phase to restore Data processing capabilities to normal operations;
  • Identify the activities, resources, and procedures needed to carry out Data processing requirements during prolonged interruptions to normal operations;
  • Assign responsibilities to designated Company Employees and provide guidance for recovering during prolonged periods of interruption to normal operations;
  • Ensure coordination with other Company staff who will participate in the contingency planning strategies;
  • Ensure coordination with external points of contact and vendors who will participate in the contingency planning strategies.

This Company Disaster recovery plan has been developed as required under the Health Insurance Portability and Accountability Act (HIPAA) Final Security Rule, §164.308(a)(7), which requires the establishment and implementation of procedures for responding to events that damage systems containing electronic protected health information.

This Company Disaster recovery plan is promulgated under the legislative requirements set forth in the Federal Information Security Management Act (FISMA) of 2002 and the guidelines established by the National Institute of Standards and Technology (NIST) Special Publication (SP) 800-34, titled "Contingency Planning Guide for Information Technology Systems" dated June 2002.

  1. DEFINITION 
    1. User is any person who installs the App to receive Services for the purpose of monitoring their health.
    2. Personal Data is any information that is in the public domain, allowing you to directly or indirectly identify the User. For example, first name, last name, phone number, IP address.
    3. Employee is any natural person or contractor who cooperates with the Company on the basis of an employment contract or other regulatory law.
    4. Data concerning health means personal data related to the physical or mental health of a natural person, including the provision of health care services, which reveal information about his or her health status.
    5. Data is a common name for Personal Data and Data concerning health.
    6. Disaster is any disruptive or catastrophic event (e.g., power outage, weather, natural disaster, vandalism) that causes an interruption in technology relating to Data, databases, systems, archived data and other resources provided by the Company. 
    7. Coordinator is an Employee who holds a managerial position and is responsible for restoring the App in the event of a Disaster.
    8. Damage Assessment Team is the group of Employees who take all the necessary actions to restore the App after a Disaster, in accordance with the Disaster recovery plan.
    9. Services is an algorithm of actions carried out by the Company to provide the User with the opportunity to install the App to check the state of his health and monitor its condition by contacting a Doctor.
    10. Doctor is a qualified specialist in the field of medicine, who is chosen by the User to receive Services for diagnosing his health or monitoring his condition.
    11. DeHealth company (hereinafter referred to as the "Company" or "DeHealth") is DEHEALTH TECHNOLOGIES, INC, registered at 1049 El Monte Avenue, Ste C #846, Mountain View, CA 94040, United States, EIN: 36-5099713, which provides Services to Users.
    12. DeHealth application (hereinafter referred to as the "App") is a service created so that the User can check the state of his health and monitor the change in his health.
    13. Health Insurance Portability and Accountability Act of 1996 (HIPAA) is a federal law that sets rules about who can see and receive medical information.
  2. APPLICABILITY 
    1. The Company Disaster recovery plan applies to the functions, operations, and resources necessary to restore and resume Data processing operations.
    2. The applicability of the plan is predicated on key principles:
      1. Company will use the alternate site building and IT resources to recover App functionality during an emergency situation that prevents access to the original facility. 
      2. The designated computer system at the alternate site has been configured to begin Data processing. 
      3. The alternate site will be used to continue Data processing throughout the period of disruption, until the return to normal operations.
    3. Key Company Employees have been identified and trained in their emergency response and recovery roles; they are available to activate the Disaster recovery plan.
    4. The Company Disaster recovery plan does not apply to the following situations:
      1. Overall recovery and continuity of business operations;
      2. The occurrence of force majeure circumstances (acts of war, acts of God, natural disasters, man-made and other accidents, strikes, lockouts, actions of state bodies, epidemics, pandemic emergencies) and circumstances that were not controlled by the Company and could not be controlled by it.
  3. REFERENCES/REQUIREMENTS 
    1. The Company is developing contingency planning capabilities to meet the needs of critical support operations in the event of a software and App failure lasting more than 48 hours. Procedures for implementing such capabilities are documented in a formal contingency plan and are reviewed at least annually and updated as necessary. Employees responsible for target systems are trained in emergency procedures. The plan, recovery capabilities and Employees are reviewed for weaknesses at least annually.
    2. The Company Disaster recovery plan also complies with the following federal and departmental policies:
      1. The Computer Security Act of 1987;
      2. OMB Circular A-130, Management of Federal Information Resources, Appendix III, November 2000;
      3. Federal Emergency Management Agency (FEMA), The Federal Response Plan (FRP), April 1999;
      4. Defense Authorization Act (Public Law 106-398), Title X, Subtitle G, “Government Information Security Reform,” October 30, 2000.
  4. RESPONSIBILITIES 
    1. The Data disaster recovery plan is based on the NIST SP 800-34 protocol and includes an established RTO (Recovery Time Objective) and RPO (Recovery Point Objective). Employee training is regularly conducted with data loss recovery testing in various scenarios, including cyber attacks.
    2. The following group was created and trained to respond to emergency events affecting the processing of Data and ensuring the operation of the App:

      | No | Name              | Position                                  | Contact           |
      |----|-------------------|-------------------------------------------|-------------------|
      | 1  | Alexander Lisovik | Web3/Mobile Lead                          | [email protected] |
      | 2  | Oleh Khomiak      | Chief information security officer (CISO) | [email protected] |
      | 3  | Vladyslav Kuzniak | Consultant (Data Engineer)                | [email protected] |
      | 4  | Anton Bosenko     | Consultant (DevOps Engineer)              | [email protected] |

    3. The Company establishes criteria for validation/testing of a Disaster recovery plan, an annual test schedule, and ensures implementation of the test. This process will also serve as training for Employees involved in the plan’s execution. The Disaster recovery plan shall be tested annually (within 365 days). The types of validation/testing exercises include tabletop and technical testing.
    4. Tabletop testing is conducted in accordance with the CMS Disaster recovery plan tabletop test procedures. The primary objective of the tabletop test is to ensure designated Employees are knowledgeable and capable of performing the notification/activation requirements and procedures in a timely manner. The exercises include, but are not limited to:
      1. Testing to validate the ability to respond to a crisis in a coordinated, timely, and effective manner, by simulating the occurrence of a specific crisis; and
      2. Crisis communications and call tree verification.
    5. The primary objective of the technical test is to ensure the communication processes and data storage and recovery processes can function at an alternate site to perform the functions and capabilities of the system within the designated requirements. Technical testing shall include, but is not limited to:
      1. Process from backup system at the alternate site;
      2. Restore system using backups; and
      3. Switch voice and data telecommunications to alternate processing site. 
    6. The sequence of notifications in the event of a Disaster is given below:
      1. The first responding Company employee must notify the Coordinator. All known information must be given to the Coordinator.
      2. The system manager should contact the Damage Assessment Team and inform them of the event. The Coordinator should instruct the team leader to initiate the evaluation procedures.
      3. The Damage Assessment Team is to notify team members and direct them to complete the assessment procedures outlined below to determine the extent of damage and estimated recovery time. If damage assessment cannot be performed locally because of unsafe conditions, the Damage Assessment Team is to follow the outline below:
        1. damage assessment;
        2. notification of all persons related to the Disaster within 24 hours of the occurrence of such Disaster;
        3. notification of the Coordinator within 24 hours of the occurrence of such a Disaster;
        4. termination of processing of Data affected by the Disaster;
        5. immediate removal of all Data from public access;
        6. restoration of the Data processing security system;
        7. restoration of a backup copy of Data;
        8. resumption of data processing on another software or property, if such an action is necessary;
        9. transferring Data to another server, if such an action is necessary;
        10. Upon notification from the Coordinator, the Damage Assessment Team Leader is to organize the implementation of measures in the event of a Disaster and to ensure the implementation of all actions by the Employees provided for in the Disaster recovery plan;
        11. The Damage Assessment Team is to perform all actions to eliminate the Disaster, in accordance with the terms of the Disaster recovery plan.
    7. The Disaster recovery plan is to be activated if one or more of the following criteria are met:
      1. App will be unavailable for more than 48 hours;
      2. App is damaged and will be unavailable for more than 24 hours;
      3. there has been an unlawful disclosure of Data;
      4. if the plan is to be activated, the Coordinator is to notify all team leaders and inform them of the details of the event and if relocation is required;
      5. Upon notification from the Coordinator, team leaders are to notify their respective teams. Team members are to be informed of all applicable information and prepared to respond and relocate if necessary;
      6. The Coordinator is to notify the off-Data storage facility that a contingency event has been declared and to ship the necessary materials (as determined by damage assessment) to the alternate site/app/server;
      7. The Coordinator is to notify the remaining Employees (via notification procedures) of the general status of the Disaster.
    8. Contact information for key Employees is:

      Coordinator
        Print Name: Denys Tsvaig
        Title: CEO
        Role: Coordination of all actions of the Company's employees during the occurrence of a Disaster. Setting the task for the Team Lead.

      Team Lead of the Damage Assessment Team
        Print Name: Oleh Khomiak
        Title: Chief information security officer (CISO)
        Role: Organizing the actions of the Company's employees during the occurrence of a Disaster and providing a plan to eliminate the consequences of the Disaster.

      System Manager
        Print Name: Oleh Khomiak
        Title: Web3/Mobile Lead
        Role: Recording the consequences and lost data due to the Disaster and implementing Employee management.

  5. RECOVERY OPERATIONS
    1. The purpose of restoring the App is: complete restoration of the App; resumption of provision of Services to Users; restoration of Data security; transferring all data to a new server, if required.
    2. All actions related to the restoration of work, provision of Services and processing of Data are carried out exclusively by the Damage Assessment Team, in accordance with the company's internal procedures and actions defined by the Disaster recovery plan.